Information-theoretic bounds for authentication schemes

Abstract

Consider the situation whereby each member of a sequence of n distinct messages from a finite source space is provided with an authentication check, generated using one and the same encoding rule selected from a finite space of such rules. Let P(n) be the expected probability that a spoofer, who observes such a sequence of messages and their corresponding authentication checks, but does not know the encoding rule in advance, succeeds in generating the correct authentication check for a different message in the source space. The purpose of this paper is to derive a lower bound for the average PNof the probabilities P(0), P(1),...;, P(N) in terms of the entropy of the space of encoding rules, and to derive necessary and sufficient conditions which the encoding scheme must satisfy in order to ensure that this bound cannot be exceeded. © 1990 International Association for Cryptologic Research.